Link to home
Start Free TrialLog in
Avatar of jmba32
jmba32

asked on

Windows XP VPN Server Did not assign an address error:738

Hello. We have @ 10 users how use a Windows VPN to connect to a remote site that is using a Cisco PIX IPSec VPN. We have never had a problem until this Monday. We are behind a WAN Firewall that is Linux based. We have never had a problem with connecting. There was a change made in WAN Firewall that limited traffic to a range of IP addresses to a specific server that has to do with Email and port 25, not VPN 1723 and GRE 47. Those apear to be open to the specific IP address that we are trying to establish the VPN with. I suppect that something was changed in addition the port 25 changes which are working fine. Windows VPN is the only affected. Sometime we can connect but even when we do it gets kicked out. Outside this network VPN works fine. Public WIFI not a problem.

Also we have done some TCP Dumps and one thing we are seeing is

Conf-Rej(9), IP_Addr=0.0.0.0, Pri-DNS=0.0.0.0 etc...

Any help would be greatly appreciated.

Thanks,
James
Avatar of noctot
noctot
Would it be possible to post the config for your firewall before and after the changes were made?
Avatar of jmba32
jmba32

ASKER

I wish I could. Our WAN is hosted by a outside company and I do not have access to it. I can manage rules via a website. But it is very limited. We have been screeming at them 4 3 days to find out why when we put a client somewhere else besides here behind their firewall we can connect randomly at best. I think we are going to bypass their system by using 2 Cisco PIX firewalls. I just was wondering if there was something on the client side I may be missing. These are default install Windows VPNs. All we really supply is IP address, username and password. Something is not allowing the destination server to hand out an IP address when we are here.

Here are some dumps that I have been able to aquire.

Here is a GRE request from each of these nodes

Peak 10 -          18:13:39.570208 unknown.ord.scnet.net > 10.8.4.93: gre [KSAv1] ID:4000 S:15 A:17 ppp: Conf-Nak(12), MPPC
18:13:39.571064 10.8.4.93 > unknown.ord.scnet.net: gre [KSAv1] ID:123f S:18 A:15 ppp: Conf-Ack(1), MPPCRaleigh 
Raleigh -           18:51:20.176434 10.8.148.62 > unknown.ord.scnet.net: gre [KSAv1] ID:1151 S:786 A:541 ppp:
18:51:20.177604 unknown.ord.scnet.net > 10.8.148.62: gre [KSAv1] ID:0100 S:543 A:784 ppp:

And here are the TCP port 1723 communications

Peak 10 -          18:13:39.762582 unknown.ord.scnet.net.1723 > 10.8.4.93.1943: P 189:337(148) ack 461 win 4096: pptp CTRL_MSGTYPE=CDN CALL_ID(16384) RESULT_CODE(1) ERR_CODE(0) CAUSE_CODE(0) [|pptp]
18:13:39.955057 10.8.4.93.1943 > unknown.ord.scnet.net.1723: . ack 337 win 65199 (DF)
Raleigh -           19:03:36.568116 unknown.ord.scnet.net.1723 > 10.8.148.62.1046: P 268:284(16) ack 309 win 4096: pptp CTRL_MSGTYPE=ECHORQ ID(2421035776)
19:03:36.568306 10.8.148.62.1046 > unknown.ord.scnet.net.1723: P 309:329(20) ack 284 win 65535: pptp CTRL_MSGTYPE=ECHORP ID(2421035776) RESULT_C

Peak 10 is a site we are have the trouble and Raleigh is working fine.

ASKER CERTIFIED SOLUTION
Avatar of jmba32
jmba32
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jmba32
jmba32

ASKER

Please close this thread.